Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ZdmVU-F07j8wx2YsVb7tD4Sv8jI.roa
File: ZdmVU-F07j8wx2YsVb7tD4Sv8jI.roa (raw, json)
Hash identifier: OxAyh+S5zcZRSsrGOxUQLX674QDB6OE1s1l/s+NBpls=
Subject key identifier: 65:D9:95:53:E1:74:EE:3F:30:C7:66:2C:55:BE:ED:0F:84:AF:F2:32
Certificate issuer: /CN=8daf61f6608f9a9eac14b18224854807bcdc1324
Certificate serial: 01856E6FCB428AB58CB71F6736F08D148743
Authority key identifier: 8D:AF:61:F6:60:8F:9A:9E:AC:14:B1:82:24:85:48:07:BC:DC:13:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ZdmVU-F07j8wx2YsVb7tD4Sv8jI.roa
Signing time: Sun 01 Jan 2023 17:44:58 +0000
ROA not before: Sun 01 Jan 2023 17:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209824
IP address blocks: 85.209.53.0/24 maxlen: 24
85.209.52.0/24 maxlen: 24
85.209.55.0/24 maxlen: 24
85.209.54.0/24 maxlen: 24
2a09:9340::/30 maxlen: 30
2a09:9344::/30 maxlen: 30
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:cb:42:8a:b5:8c:b7:1f:67:36:f0:8d:14:87:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8daf61f6608f9a9eac14b18224854807bcdc1324
Validity
Not Before: Jan 1 17:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d99553e174ee3f30c7662c55beed0f84aff232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:eb:a3:5f:6e:0c:c7:47:f9:25:2b:23:c9:
5d:14:96:9b:6a:e3:10:16:18:bd:e8:2c:9c:46:b6:
7e:ca:22:6c:b4:db:39:30:36:ed:03:42:56:ad:3d:
ff:c6:3e:ae:c2:96:a6:16:63:6a:5a:35:e4:53:47:
51:8c:40:b3:41:7a:21:65:b0:98:38:93:a8:5f:eb:
e9:c9:db:9b:40:88:d0:15:b9:4e:8e:23:e9:e3:de:
87:2b:95:bc:c2:33:48:36:7b:6b:73:9f:7c:07:05:
52:f3:37:e2:a4:08:d0:70:24:a9:73:b5:ff:39:05:
d2:c3:35:10:33:b8:8f:3e:cf:b7:64:26:d2:02:7f:
cb:f6:9c:c7:7f:ea:8c:9b:8a:fe:cf:11:c9:18:69:
88:8e:73:03:82:8c:ba:e7:62:4b:95:07:05:46:58:
b5:dd:6f:e0:73:90:00:00:40:fd:de:4d:89:5d:c5:
51:96:87:15:6f:1c:d1:4f:27:3a:cb:65:ab:6e:fe:
a9:fc:3f:1a:57:9e:35:8f:cd:01:27:db:84:fc:2b:
bc:bb:ec:df:4c:60:41:4b:f3:0b:db:2c:f0:5f:3e:
60:80:85:48:16:da:ff:fe:64:cc:40:67:3c:dc:c7:
a5:bd:56:c4:9d:ce:28:93:f0:6c:16:ec:96:4c:6f:
b8:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D9:95:53:E1:74:EE:3F:30:C7:66:2C:55:BE:ED:0F:84:AF:F2:32
X509v3 Authority Key Identifier:
keyid:8D:AF:61:F6:60:8F:9A:9E:AC:14:B1:82:24:85:48:07:BC:DC:13:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ZdmVU-F07j8wx2YsVb7tD4Sv8jI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/50f935-d675-4089-aae5-fb24be75a3f4/1/ja9h9mCPmp6sFLGCJIVIB7zcEyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.52.0/22
IPv6:
2a09:9340::/29
Signature Algorithm: sha256WithRSAEncryption
95:58:a4:e1:9d:91:f5:0f:26:04:0f:31:cf:95:08:0f:f0:82:
2a:d2:4f:d8:7e:86:f6:97:75:dd:b8:73:35:8d:fb:80:3b:24:
22:01:6a:40:10:02:9f:a1:f6:15:e8:e8:5c:b5:5f:34:79:1f:
73:c5:14:47:85:5a:57:7c:7f:5b:1b:d0:fb:ab:90:08:52:ef:
dc:da:5d:5c:3d:e6:0b:b0:6b:59:9b:4a:d1:57:ef:22:53:e0:
64:f5:be:b8:ae:8e:74:1b:20:49:a7:4c:bf:3e:28:f6:7c:ca:
b8:d1:e6:1d:d3:a4:b1:bc:78:02:3f:ad:7c:38:a6:0c:2e:f8:
d7:4f:1e:9f:d6:a4:48:0c:38:77:78:01:3c:dd:b5:1e:28:0d:
6e:8e:5f:1b:78:ba:75:f9:66:e2:ed:e9:69:26:02:23:9d:fc:
ab:26:4b:56:06:0a:5f:9c:2d:4c:ee:4b:5a:1c:53:4f:db:9f:
2e:7d:e8:86:68:fe:31:35:6f:ee:a4:c9:c3:ce:82:36:51:41:
cd:ac:ae:c5:e4:c9:b5:d9:e0:97:8f:b7:02:bf:b7:75:c4:0e:
ed:de:35:93:f4:80:65:89:61:d0:c2:37:f2:55:d9:c6:fb:9b:
0a:b6:4f:65:6e:3f:fc:fc:b8:10:9a:f5:db:3b:47:5e:e1:f6:
d6:a3:16:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVub8tCirWMtx9nNvCNFIdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYWY2MWY2NjA4ZjlhOWVhYzE0YjE4MjI0ODU0ODA3YmNk
YzEzMjQwHhcNMjMwMTAxMTc0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ5OTU1M2UxNzRlZTNmMzBjNzY2MmM1NWJlZWQwZjg0YWZmMjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuurro19uDMdH+SUrI8ldFJabauMQ
Fhi96CycRrZ+yiJstNs5MDbtA0JWrT3/xj6uwpamFmNqWjXkU0dRjECzQXohZbCY
OJOoX+vpydubQIjQFblOjiPp496HK5W8wjNINntrc598BwVS8zfipAjQcCSpc7X/
OQXSwzUQM7iPPs+3ZCbSAn/L9pzHf+qMm4r+zxHJGGmIjnMDgoy652JLlQcFRli1
3W/gc5AAAED93k2JXcVRlocVbxzRTyc6y2Wrbv6p/D8aV541j80BJ9uE/Cu8u+zf
TGBBS/ML2yzwXz5ggIVIFtr//mTMQGc83MelvVbEnc4ok/BsFuyWTG+4SQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGXZlVPhdO4/MMdmLFW+7Q+Er/IyMB8GA1UdIwQY
MBaAFI2vYfZgj5qerBSxgiSFSAe83BMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamE5aDltQ1BtcDZzRkxHQ0pJVklCN3pjRXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MGY5MzUtZDY3NS00MDg5LWFhZTUt
ZmIyNGJlNzVhM2Y0LzEvWmRtVlUtRjA3ajh3eDJZc1ZiN3RENFN2OGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MGY5MzUtZDY3NS00MDg5LWFhZTUtZmIyNGJlNzVhM2Y0
LzEvamE5aDltQ1BtcDZzRkxHQ0pJVklCN3pjRXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdE0MA0E
AgACMAcDBQMqCZNAMA0GCSqGSIb3DQEBCwUAA4IBAQCVWKThnZH1DyYEDzHPlQgP
8IIq0k/Yfob2l3XduHM1jfuAOyQiAWpAEAKfofYV6OhctV80eR9zxRRHhVpXfH9b
G9D7q5AIUu/c2l1cPeYLsGtZm0rRV+8iU+Bk9b64ro50GyBJp0y/Pij2fMq40eYd
06SxvHgCP618OKYMLvjXTx6f1qRIDDh3eAE83bUeKA1ujl8beLp1+Wbi7elpJgIj
nfyrJktWBgpfnC1M7ktaHFNP258ufeiGaP4xNW/upMnDzoI2UUHNrK7F5Mm12eCX
j7cCv7d1xA7t3jWT9IBliWHQwjfyVdnG+5sKtk9lbj/8/LgQmvXbO0de4fbWoxbu
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:04 2024 by rpki-client on console-ams.rpki-client.org